In our latest resilience episode, Ian Duffy, Partner in our Technology and Innovation Group, is joined by Denise Murray, Head of Financial Services, Compliance and Regulatory Relations, to explore how third‑party and intragroup arrangements are shaping operational resilience for regulated firms.With outsourcing deeply embedded across the financial services ecosystem, the conversation looks at:

• Why third‑party and sub‑outsourcing arrangements can significantly impact a firm’s resilience profile

• How regulators are increasing their focus on critical and important services under frameworks such as DORA and CBI guidance

• The importance of robust risk assessments, due diligence and ongoing oversight

• What firms should expect from vendors around resilience testing, business continuity and incident response

• Why contracts, governance and clear communication are critical when disruptions occurThe discussion also considers concentration risk, chain outsourcing, and the often‑overlooked challenges of intragroup service arrangements, including autonomy, conflicts of interest and exit planning.

In the latest episode from our Resilience series, Ciaran Flynn, Head of Governance and Consulting Services, is joined by Sarah Thompson, Partner and Head of our Financial Regulation Group, as they explore how increased regulatory scrutiny is reshaping financial resilience across the Irish market.

From stress testing and liquidity buffers to capital planning and ICAAP/ILAAP integration, the conversation covers need-to-know topics relating to financial resilience, including :

• How ECB and CBI expectations are changing firm behaviour
• The real-world impact on smaller and mid-sized firms
• Why early detection, clear communication and regulator engagement are critical
• How firms can better integrate resilience planning into day‑to‑day risk management

In this episode of our Resilience series, “How to respond to an ICT-related incident,” Denise Murray, Head of Financial Services Compliance and Regulatory Relations, is joined by Ian Duffy, Partner in our Technology and Innovation Group. They share practical insights on identifying and managing ICT incidents, from phishing attacks and supply chain compromises to large-scale cyber breaches. The discussion covers activating response plans, engaging stakeholders, and meeting relevant regulatory obligations including under DORA and GDPR. They also highlight why documenting decisions during fast-moving disruptions and conducting lessons-learned reviews are essential for an effective and compliant response to incidents. For more insights and to access our resilience playbook, visit arthurcox.com/resilience.